so you dump some passwords from a machine and you see it contains LM and NTLM hashes. obviously LM is quicker to crack so you go for that one first and it gives you the uppercase plaintext password:
which provides the plaintext uppercase password "KITTENBOOTIES". Great, now we need the real password, the one with upper/lower cases. we do this easily by supplying the "KITTENBOOTIES" password as the wordlist (with mangling) to john again. so do this:
This will output the proper password of "kiTTenBooTiES"